FastAPI backend for OAuth 2.0 integration (authorization code flow) and external API connections. It currently supports Spotify and GitHub: user authorization, code exchange for tokens, and profile data retrieval.
- Python 3.11+ (3.12 recommended)
- OAuth app registered in Spotify Dashboard
- OAuth app registered in GitHub Developers
From the repository root:
python3 -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
pip install --upgrade pip
pip install -r requirements.txtCopy and edit the environment variables:
cp .env.example .envRequired variables for Spotify:
| Variable | Description |
|---|---|
SPOTIFY_CLIENT_ID |
Spotify app Client ID |
SPOTIFY_CLIENT_SECRET |
Client Secret |
REDIRECT_URI |
Callback URL (e.g. http://127.0.0.1:8000/callback/spotify) |
Required variables for GitHub:
| Variable | Description |
|---|---|
GITHUB_CLIENT_ID |
GitHub OAuth app Client ID |
GITHUB_CLIENT_SECRET |
Client Secret |
GITHUB_REDIRECT_URI |
Callback URL (e.g. http://127.0.0.1:8000/callback/github) |
Optional:
| Variable | Description |
|---|---|
FRONTEND_SUCCESS_URL |
After OAuth, send HTTP 302 redirect to this URL with ?session_id=... |
source .venv/bin/activate
uvicorn app.main:app --reload --host 0.0.0.0 --port 8000- API:
http://127.0.0.1:8000 - OpenAPI (Swagger):
http://127.0.0.1:8000/docs
GET /auth/{provider}-> JSON withauthorization_urlandstate.- Supported providers:
spotify,github.
- Supported providers:
- Open
authorization_urlin the browser. - The provider redirects to
GET /callback/{provider}?code=...&state=...(the URI must exactly match your.envvalue).- Spotify uses
REDIRECT_URI. - GitHub uses
GITHUB_REDIRECT_URI.
- Spotify uses
- If
FRONTEND_SUCCESS_URLis not set, the callback returns JSON withsession_id. If it is set, the API responds with 302 to the frontend and appendssession_idin query params. GET /data/{provider}?session_id=...-> user profile data.- Spotify:
GET /data/spotify?session_id=... - GitHub:
GET /data/github?session_id=...
- Spotify:
Note: token/session storage is currently in-memory (good for development). In production with multiple replicas or restarts, replace TokenStore with Redis or a database.
| Component | Usage |
|---|---|
| FastAPI | Async web framework, validation, and OpenAPI |
| Uvicorn | ASGI server |
| HTTPX | Async HTTP client for Spotify/GitHub (token + API calls) |
| python-dotenv | Load .env in development |
| Pydantic | Used by FastAPI for settings models |
app/
main.py # FastAPI app, lifespan (shared httpx client), exception handlers
core/ # Configuration and environment variables
routers/ # HTTP layer only: routes, Depends, responses
services/ # OAuth logic, external API calls, token storage
- routers: receive requests, inject dependencies, and delegate to services.
- services: provider-specific business logic (authorization URL, code exchange, profile API calls,
statevalidation, sessions). - core: centralized configuration loading (
get_settings()).
Domain errors (OAuthConnectorError and subclasses) are mapped to a consistent JSON format { "error", "message" } with appropriate HTTP status codes (401 token/session, 400 OAuth flow, 502 provider/network failures, etc.).
oauth-api-connector/
├── app/
│ ├── main.py
│ ├── core/
│ │ └── config.py
│ ├── routers/
│ │ ├── health.py
│ │ └── oauth.py
│ └── services/
│ ├── exceptions.py
│ ├── github_api.py
│ ├── github_oauth.py
│ ├── token_store.py
│ ├── oauth_flow.py
│ ├── spotify_oauth.py
│ └── spotify_api.py
├── requirements.txt
├── .env.example
└── README.md
See the LICENSE file in this repository.